<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
 <head>
  <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  <title>Verifies if a certificate can be used for a particular purpose</title>

 </head>
 <body><div class="manualnavbar" style="text-align: center;">
 <div class="prev" style="text-align: left; float: left;"><a href="function.openssl-x509-check-private-key.html">openssl_x509_check_private_key</a></div>
 <div class="next" style="text-align: right; float: right;"><a href="function.openssl-x509-export-to-file.html">openssl_x509_export_to_file</a></div>
 <div class="up"><a href="ref.openssl.html">OpenSSL 函数</a></div>
 <div class="home"><a href="index.html">PHP Manual</a></div>
</div><hr /><div id="function.openssl-x509-checkpurpose" class="refentry">
 <div class="refnamediv">
  <h1 class="refname">openssl_x509_checkpurpose</h1>
  <p class="verinfo">(PHP 4 &gt;= 4.0.6, PHP 5)</p><p class="refpurpose"><span class="refname">openssl_x509_checkpurpose</span> &mdash; <span class="dc-title">Verifies if a certificate can be used for a particular purpose</span></p>

 </div>
 
 <div class="refsect1 description" id="refsect1-function.openssl-x509-checkpurpose-description">
  <h3 class="title">说明</h3>
  <div class="methodsynopsis dc-description">
   <span class="type">int</span> <span class="methodname"><strong>openssl_x509_checkpurpose</strong></span>
    ( <span class="methodparam"><span class="type"><a href="language.pseudo-types.html#language.types.mixed" class="type mixed">mixed</a></span> <code class="parameter">$x509cert</code></span>
   , <span class="methodparam"><span class="type">int</span> <code class="parameter">$purpose</code></span>
   [, <span class="methodparam"><span class="type">array</span> <code class="parameter">$cainfo</code><span class="initializer"> = array()</span></span>
   [, <span class="methodparam"><span class="type">string</span> <code class="parameter">$untrustedfile</code></span>
  ]] )</div>

  <p class="para rdfs-comment">
   <span class="function"><strong>openssl_x509_checkpurpose()</strong></span> examines a certificate to
   see if it can be used for the specified <em><code class="parameter">purpose</code></em>.
  </p>
 </div>


 <div class="refsect1 parameters" id="refsect1-function.openssl-x509-checkpurpose-parameters">
  <h3 class="title">参数</h3>
  <p class="para">
   <dl>

    
     <dt>
<em><code class="parameter">x509cert</code></em></dt>

     <dd>

      <p class="para">
       The examined certificate.
      </p>
     </dd>

    
    
     <dt>
<em><code class="parameter">purpose</code></em></dt>

     <dd>

      <p class="para">
       <table class="doctable table">
        <caption><strong><span class="function"><strong>openssl_x509_checkpurpose()</strong></span> purposes</strong></caption>
        
         <thead>
          <tr>
           <th>Constant</th>
           <th>Description</th>
          </tr>

         </thead>

         <tbody class="tbody">
          <tr>
           <td>X509_PURPOSE_SSL_CLIENT</td>
           <td>Can the certificate be used for the client side of an SSL
           connection?</td>
          </tr>

          <tr>
           <td>X509_PURPOSE_SSL_SERVER</td>
           <td>Can the certificate be used for the server side of an SSL
           connection?</td>
          </tr>

          <tr>
           <td>X509_PURPOSE_NS_SSL_SERVER</td>
           <td>Can the cert be used for Netscape SSL server?</td>
          </tr>

          <tr>
           <td>X509_PURPOSE_SMIME_SIGN</td>
           <td>Can the cert be used to sign S/MIME email?</td>
          </tr>

          <tr>
           <td>X509_PURPOSE_SMIME_ENCRYPT</td>
           <td>Can the cert be used to encrypt S/MIME email?</td>
          </tr>

          <tr>
           <td>X509_PURPOSE_CRL_SIGN</td>
           <td>Can the cert be used to sign a certificate revocation list
           (CRL)?</td>
          </tr>

          <tr>
           <td>X509_PURPOSE_ANY</td>
           <td>Can the cert be used for Any/All purposes?</td>
          </tr>

         </tbody>
        
       </table>

       These options are not bitfields - you may specify one only!
      </p>
     </dd>

    
    
     <dt>
<em><code class="parameter">cainfo</code></em></dt>

     <dd>

      <p class="para">
       <em><code class="parameter">cainfo</code></em> should be an array of trusted CA files/dirs
       as described in <a href="openssl.cert.verification.html" class="link">Certificate
       Verification</a>.
      </p>
     </dd>

    
    
     <dt>
<em><code class="parameter">untrustedfile</code></em></dt>

     <dd>

      <p class="para">
       If specified, this should be the name of a PEM encoded file holding
       certificates that can be used to help verify the certificate, although
       no trust is placed in the certificates that come from that file.
      </p>
     </dd>

    
   </dl>

  </p>
 </div>


 <div class="refsect1 returnvalues" id="refsect1-function.openssl-x509-checkpurpose-returnvalues">
  <h3 class="title">返回值</h3>
  <p class="para">
   Returns <strong><code>TRUE</code></strong> if the certificate can be used for the intended purpose,
   <strong><code>FALSE</code></strong> if it cannot, or -1 on error.
  </p>
 </div>


</div><hr /><div class="manualnavbar" style="text-align: center;">
 <div class="prev" style="text-align: left; float: left;"><a href="function.openssl-x509-check-private-key.html">openssl_x509_check_private_key</a></div>
 <div class="next" style="text-align: right; float: right;"><a href="function.openssl-x509-export-to-file.html">openssl_x509_export_to_file</a></div>
 <div class="up"><a href="ref.openssl.html">OpenSSL 函数</a></div>
 <div class="home"><a href="index.html">PHP Manual</a></div>
</div></body></html>
